If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Metasploit meterpreter and soundrecorder.rb

Recently i try soundrecorder.rb script by Carlos Perez and it is really cool thing.
After remote keysniffer really nice thing.

My lab: on one computer Backtrack4 prefinal usb and another Windows xp sp3.

I run exploit windows/browser/winamp_playlist_unc old exploit for winamp 5.12 but i like it to launch this exploit and payload windows/meterpreter/reverse_tcp.
After sessions become active i first migrate fast to explorer.exe process.
Then run soundrecorder.rb script and talk on mic on victim computer and attacker computer recorded everything. Really nice also nice is that after time of recording is over script automatically delete uploaded files linco.exe and oggenc.exe.

Can someone else say something about this nice script and experience with it?

Thanks for the kind words, I'm glad you liked my script. I will posting later today my slide deck from my part of thepresentation with HD and JR on Meterpreter where I covered Meterpreter Scripting I think you will like it.

For sure always like to learn from metasploit and ruby ninjas like you.

My friends (they are ordinary windows users) ask me come on show us something but really cool form all this stuff you know when you get into computer and i decide to show trick with uictl and your soundrecorder script and after my friend talk on mic and later i play this on attacker machine they go all crazy and say this is really cool cool thing and one friend say in joke now my girlfriend can hear my hot mic sessions on skype with other girls.

They talk about this even days ago.

P.s. showing ordinary windows users some portforwading or something like that is not what they want to see because they dont understand this.

i was working on a script for evasdropping on all media devices, this script would upload vlcplayer witch has a command line interface thus allowing meterpreter shell to access this remotely... it was going smoothly until i seen that hdmoore updated the framework with a similar built in functions for meterpreter...

vlcplayer has so many options a attacker could use for fun and entertainment...

Can you explain how to eavesdrop all media devices with meterpreter. Currently there is on that kind of script in meterpreter (except for sounrecorder.rb) maybe I can develop a new one if you guide me with metasploit functions.

Can someone else say something about this nice script and experience with it?

Definitely would like to try.
Couple of months back I tried the same with CANVAS exploitation framework (licensed one), but the quality of recorded voice was pathetic and I could not understand even a single word.